Introduction
Welcome to Zeph ("we," "us," "our," or "the App"). We're committed to protecting your privacy while
helping you find the perfect time to train outdoors.
This Privacy Policy explains how we collect, use, store, and protect your information when you use our
fitness weather application. This policy should be read alongside our Terms of Service, which governs
your use of the App.
By using Zeph, you acknowledge that you have read and understood this Privacy Policy.
Table of Contents
1. Information We Collect
1.1 Information We Collect Automatically
Location Data
- Precise Location (GPS Coordinates): Required to provide weather recommendations for
your exact area
- Cached Locations: Recent locations stored locally on your device for faster
performance
- Collection Frequency: When you open the App, request updated recommendations, or
enable background refresh
Device Information
- Device type and model (e.g., iPhone 14 Pro)
- Operating system version (e.g., iOS 17.2)
- App version number
- Device language and region settings
- Unique device identifiers (for analytics and crash reporting only)
- Screen size and resolution
- Timezone
Usage Data
- App interactions and features accessed
- Workout activity preferences (running, cycling, walking, HIIT)
- Times when you check recommendations
- Notification interaction (opened, dismissed, clicked)
- Feature usage frequency
- Session duration and frequency
Weather Preferences
- Preferred workout times
- Temperature comfort range
- Activity-specific settings
- Notification preferences
- Units of measurement (Fahrenheit/Celsius, mph/km/h)
1.2 Information You Provide
Activity Preferences
- Workout types you engage in
- Custom temperature preferences
- Notification schedule preferences
Support Communications
- If you contact us, we collect your email address and message content
- We use this only to respond to your inquiry
1.3 Information We Do NOT Collect
We are committed to minimal data collection. We do NOT collect:
- ❌ Your name, email, or contact information (unless you contact us)
- ❌ Payment information (handled entirely by Apple)
- ❌ Health data from HealthKit or other fitness apps
- ❌ Workout performance, fitness tracking, or exercise completion data
- ❌ Heart rate, calories burned, or biometric data
- ❌ Social media profiles or connections
- ❌ Photos, videos, or media files
- ❌ Contacts or address book
- ❌ Microphone or camera data
- ❌ Browsing history or web activity
1.4 Anonymous Usage Model
Zeph does NOT require account creation or login.
This means:
- ✅ No email, username, or password needed
- ✅ Complete privacy — we cannot identify you personally across sessions
- ✅ All preferences stored locally on your device
- ✅ No cloud sync of personal data
- ✅ Each device operates independently
Important implications:
- ⚠️ Settings don't transfer between devices
- ⚠️ Data is lost if you delete the app (no cloud backup)
- ⚠️ Reinstalling the app resets all preferences
2. How We Use Your Information
2.1 Primary Purposes (Core Functionality)
We use your information to:
Provide Weather Recommendations
- Analyze weather conditions for your precise location
- Generate optimal workout timing suggestions
- Calculate activity-specific readiness scores
- Identify ideal training windows throughout the day
Personalization
- Tailor recommendations based on your activity preferences
- Adjust suggestions for your temperature comfort range
- Customize notifications to your schedule
Notifications
- Send daily training briefings (if enabled)
- Alert you to optimal workout windows (if enabled)
- Provide weather change alerts relevant to your activities
Performance Optimization
- Cache recent weather data locally to reduce load times
- Minimize API calls and battery consumption
- Provide offline access to recent forecasts
2.2 App Improvement and Analytics
We analyze aggregated, anonymized data to:
- Understand which features provide the most value
- Identify and fix bugs or crashes
- Optimize app performance and responsiveness
- Plan future feature development
- Improve the recommendation algorithm
Analytics are currently limited to:
- Crash reporting (to identify and fix issues)
- Basic usage statistics (feature usage frequency)
- Performance metrics (load times, API response times)
We do NOT use your data for:
- Targeted advertising
- Selling to third parties
- Building user profiles for marketing
- Training AI models on your personal data
2.3 Legal Compliance
We may use or disclose information to:
- Comply with applicable laws and regulations
- Respond to valid legal requests, court orders, or subpoenas
- Protect our rights, property, and safety
- Prevent fraud, abuse, or violations of our Terms of Service
- Enforce our legal agreements
3. How to Contact Us
For privacy questions, concerns, or data requests:
- Primary Contact: privacy@getzeph.app
- Response Time: Within 5 business days
- Subject Line: Include "Privacy Request - Zeph" for faster processing
Other Contact Options:
Developer Information:
4. Data Storage and Security
4.1 Local Storage (On Your Device)
Most data never leaves your device. Stored locally:
- ✓ Cached weather data (refreshed every 24-48 hours)
- ✓ Location history (recent locations only)
- ✓ User preferences and settings
- ✓ Activity-specific configurations
- ✓ Notification preferences
- ✓ Units of measurement preferences
Technology Used:
- iOS UserDefaults for simple preferences
- Local file storage for cached weather data
- iOS Keychain for sensitive data (if applicable)
- All data protected by iOS sandboxing
4.2 Cloud Storage (Minimal)
We transmit minimal data to servers:
- Your location coordinates → Weather API (Open-Meteo)
- Anonymous analytics events → Analytics provider (if implemented)
- Crash reports → Crash reporting service (if implemented)
We do NOT store in the cloud:
- ❌ Personal preferences
- ❌ Location history
- ❌ Identifiable user profiles
- ❌ Activity logs or workout data
4.3 Security Measures
We implement industry-standard security practices:
Technical Safeguards:
- TLS 1.3 encryption for all data transmission over the internet
- AES-256 encryption for sensitive data at rest
- Secure API authentication using encrypted tokens
- Certificate pinning for weather API communications
- HTTPS-only connections (no unencrypted HTTP)
Operational Safeguards:
- Regular security audits and dependency updates
- Minimal data retention policies (see Section 7)
- Limited access to data (solo developer, minimal infrastructure)
- Secure development practices following OWASP Mobile Security guidelines
- Prompt security patch deployment
Important Limitation: While we implement strong security measures, no method of
transmission or storage is 100% secure. We cannot guarantee absolute security against sophisticated
attacks, device compromise, or unauthorized physical access to your device. If you believe your data has
been compromised, contact us immediately at: security@getzeph.app
5. Data Sharing and Third Parties
5.1 Third-Party Services We Use
We share minimal data with the following third-party services:
Weather Data Provider: Open-Meteo
- Purpose: Retrieve weather forecasts and current conditions
- Data Shared: Your GPS coordinates (latitude/longitude only)
- Frequency: When you request updated weather data
- Privacy Policy: https://open-meteo.com/en/terms
- Data Retention: Open-Meteo does not retain location data (as of January 2025)
Apple App Store (Subscription Processing)
- Purpose: Process subscription purchases and manage billing
- Data Shared by Apple to Us: Transaction IDs, purchase timestamps, subscription
status (active/expired/cancelled)
- Data We Do NOT Receive: Credit card details, billing address, Apple ID, or any
payment information
- Privacy Policy: https://www.apple.com/legal/privacy/
5.2 We Do NOT Share Data With:
- ❌ Advertising networks or data brokers
- ❌ Social media platforms
- ❌ Marketing companies
- ❌ Other fitness or health apps
- ❌ Insurance companies
- ❌ Employers or third-party wellness programs
- ❌ Any party for purposes other than providing the Service
5.3 We Do NOT:
- ❌ Sell your data to anyone, ever
- ❌ Share your location with advertisers
- ❌ Use your data for targeted advertising
- ❌ Provide data to data brokers
- ❌ Cross-reference your data with other databases
- ❌ Build advertising profiles
5.4 Legal Requirements and Safety
We may disclose information if required by:
- Legal Process: Valid subpoena or court order, government or regulatory requests,
law enforcement inquiries (with valid legal basis)
- Safety and Rights Protection: Protect our legal rights or property, ensure safety
of users or the public, investigate fraud, Terms violations, or abuse, defend against legal claims
Notification: Where legally permitted, we will notify you before disclosing your
information in response to legal requests.
6. Your Privacy Rights
6.1 Universal Rights (All Users)
You can always:
- Control Location Access: iOS Settings → Privacy & Security → Location Services →
Zeph
- Disable Notifications: iOS Settings → Notifications → Zeph
- Delete Cached Data: In-app settings → Clear Cache (if available) or reinstall app
- Delete All Data: Delete the app from your device
- Request Data Deletion from Analytics: Email privacy@getzeph.app
6.2 California Residents (CCPA/CPRA)
Under the California Consumer Privacy Act, you have the right to:
- Right to Know
- Right to Delete
- Right to Opt-Out of Sale (Not applicable, we do not sell data)
- Right to Non-Discrimination
- Right to Correct
- Right to Limit Use of Sensitive Personal Information
How to Exercise Your Rights: Email privacy@getzeph.app with subject "CCPA Request -
Zeph".
6.3 EU/EEA Residents (GDPR)
Under the General Data Protection Regulation, you have the right to:
- Right of Access (Article 15)
- Right to Rectification (Article 16)
- Right to Erasure / "Right to be Forgotten" (Article 17)
- Right to Restriction of Processing (Article 18)
- Right to Data Portability (Article 20)
- Right to Object (Article 21)
- Right to Withdraw Consent (Article 7)
- Right to Lodge a Complaint (Article 77)
How to Exercise Your Rights: Email privacy@getzeph.app with subject "GDPR Request -
Zeph".
7. Data Retention
7.1 Local Data (On Your Device)
- Weather Data: Cached forecasts kept for 24-48 hours.
- User Preferences: Retained indefinitely until you delete the app.
- Location History: Recent locations only, oldest deleted when cache full.
7.2 Analytics and Server-Side Data
- Anonymous Usage Analytics: Up to 24 months.
- Crash Reports: Until issue is resolved (typically 1-6 months).
- Support Communications: Up to 3 years.
7.3 Subscription Data (from Apple)
- Transaction Records: Duration of subscription + 7 years (tax/legal requirements).
7.4 When You Delete the App
Immediate deletion of all local data. Anonymous analytics remain temporarily but cannot be linked to you.
To completely remove all data, email privacy@getzeph.app.
8. Children's Privacy and Age Requirements
8.1 Age Requirements
Minimum Age: 13 years old. Recommended Age: 17+.
8.2 Children Under 13
Zeph is NOT intended for children under 13. We do not knowingly collect personal information from
children under 13.
Parents: If you believe your child under 13 has provided information to Zeph, contact us immediately at
privacy@getzeph.app.
9. Location Data Details
9.1 Why We Need Precise Location
Zeph requires precise GPS coordinates because weather varies significantly within a single city or
region. Accurate recommendations require hyperlocal weather data (e.g., temperature gradients,
microclimates).
9.2 Location Precision Levels
We use Precise Location (GPS) accurate to 10-50 meters. We do not use approximate location (city-level)
as it is insufficient for athletic training decisions.
9.3 How to Control Location Access
Recommended Setting: "While Using the App". This balances privacy with functionality.
9.4 Location Data is NOT:
We explicitly do NOT:
- ❌ Track your movement or routes over time
- ❌ Create location history maps
- ❌ Share your location with advertisers
- ❌ Sell location data to data brokers
9.5 Location Caching
We cache the last 5-10 locations you've checked and their weather data locally on your device for
performance. This data is deleted when you delete the App.
10. Notifications and Permissions
10.1 Push Notifications
We send notifications only if you explicitly opt-in.
- Types of Notifications: Daily Brief, Optimal Window Alerts, Weather Warnings.
- Privacy: We deliver notifications using a device token that does not identify you
personally.
- Revoking Access: You can turn off notifications at any time in iOS Settings.
11. International Data Transfers
Primary Processing: Your data is processed locally on your device.
API Requests: Weather data requests are sent to Open-Meteo servers (located in the EU).
Safeguards: Open-Meteo complies with GDPR. By using the App, you acknowledge that your
location coordinates may be processed on servers outside of your country of residence.
12. Tracking Technologies
We do NOT use:
- ❌ Cookies
- ❌ Web beacons
- ❌ Pixels
- ❌ Third-party tracking SDKs (like Facebook SDK)
- ❌ Ad tracking transparency (IDFA)
We rely solely on standard iOS APIs and anonymous, aggregated analytics.
13. Changes to This Privacy Policy
We may update this policy occasionally. We will notify you of significant changes by:
- Updating the "Last Updated" date at the top of this policy
- Posting a notice within the App
Continued use of the App after changes constitutes acceptance of the new policy.
14. California Disclosures (Shine the Light)
Zeph does not share personal information with third parties for their direct marketing purposes.
California Civil Code Section 1798.83 is therefore not applicable as we do not share data for marketing.
15. Legal Basis for Processing (GDPR)
If you are in the EEA, we process your data based on:
- Consent: For location access (you tap "Allow") and notifications (you tap "Allow").
- Contractual Necessity: To provide the weather service you requested.
- Legitimate Interests: To improve app performance and fix bugs (analytics).
16. Data Breach Notification
In the unlikely event of a data breach involving personal data, we will notify affected users and
relevant authorities within 72 hours of becoming aware of the breach, in accordance with GDPR and
applicable laws.
17. Your Consent and How to Withdraw It
By using the App, you consent to this Privacy Policy.
Withdrawal: You can withdraw consent for location or notifications at any time via iOS
Settings. You can stop all data collection by deleting the App.
18. Contact Information
Developer: Entropy Logic, LLC
Email: privacy@getzeph.app
Address: [Your Mailing Address - To Be Added]
19. App Store Purchases and Subscriptions
Transactions are handled exclusively by Apple. We do not see or store your payment details. Please refer
to Apple's Privacy Policy for payment data handling.
20. What Data Changes with a Subscription (Zeph Pro)?
Subscribing to Zeph Pro does NOT change our data collection practices. Pro users do not get tracked
differently. The only difference is Apple provides us with a receipt to verify your subscription status.
21. Data Rights Summary table
| Right |
How to Exercise |
| Access Data |
Available in App Settings or Email Us |
| Delete Data |
Delete App (Local Data) / Email Us (Server Data) |
| Correct Data |
Modify in App Settings |
| Opt-Out |
iOS Settings > Privacy |
22. Plain Language Summary
To make this as simple as possible:
- We want to help you run, not track you.
- We make money from subscriptions, not from selling your data.
- Your location stays on your phone and is sent briefly to a weather provider to get your forecast.
- We don't know who you are, what you look like, or where you live.
- You are in control.